tripleo-heat-templates/container_config_scripts/nova_libvirt_init_secret.sh
Michele Baldessari 61f67eff10 nova_libvirt_init_secret Give a proper error if ceph is not configured properly
Let's make the error a little clearer when ceph fails to be
configured properly.

Before:
2021-08-13T12:42:07.472193117+00:00 stdout F ------------------------------------------------
2021-08-13T12:42:07.472193117+00:00 stdout F Initializing virsh secrets for: ceph:openstack
2021-08-13T12:42:07.481397478+00:00 stdout F --------
2021-08-13T12:42:07.481397478+00:00 stdout F Initializing the virsh secret for 'ceph' cluster () 'openstack' client
2021-08-13T12:42:07.484466828+00:00 stdout F Creating /etc/nova/ceph-secret.xml
2021-08-13T12:42:07.493435343+00:00 stderr F Usage: grep [OPTION]... PATTERN [FILE]...
2021-08-13T12:42:07.493435343+00:00 stderr F Try 'grep --help' for more information.
2021-08-13T12:42:07.591038798+00:00 stdout F Secret 5e23cf03-81b0-4e02-b678-7c5363fbf0e2 created
2021-08-13T12:42:07.591038798+00:00 stdout F
2021-08-13T12:42:07.671036635+00:00 stderr F error: failed to get secret '--base64'
2021-08-13T12:42:07.671036635+00:00 stderr F error: uuidstr in virSecretLookupByUUIDString must be a valid UUID
2021-08-13T12:42:07.674021136+00:00 stdout F

After:
2021-08-14T13:10:20.866443451+00:00 stdout F Initializing virsh secrets for: ceph:openstack
2021-08-14T13:10:20.880988730+00:00 stdout F Error: /etc/ceph/ceph.conf contained an empty fsid definition
2021-08-14T13:10:20.880988730+00:00 stdout F Check your ceph configuration

Change-Id: I781db8142015d713d9e99114aed42667418bf23b
2021-08-14 15:17:47 +02:00


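#!/bin/bash
#
# Define and populate the libvirt (virsh) secrets nova needs for Ceph.
#
# Usage: nova_libvirt_init_secret.sh CLUSTER:CLIENT [CLUSTER:CLIENT ...]
#
# For every CLUSTER:CLIENT tuple the script:
#   1. reads the fsid from /etc/ceph/CLUSTER.conf,
#   2. makes sure a secret XML file for that fsid exists under /etc/nova,
#   3. defines the libvirt secret if `virsh secret-list` does not show it,
#   4. sets the secret value from /etc/ceph/CLUSTER.client.CLIENT.keyring
#      unless libvirt already holds that value.
#
# Exits non-zero on the first tuple whose configuration is missing or empty.
set -e

# The tuples may arrive as one space-separated string or as separate
# arguments, so word splitting is intentional here; globbing is switched off
# around it so a stray '*' or '?' in an argument is never expanded to paths.
set -f
# shellcheck disable=SC2048,SC2206
CEPH_INFO=($*)
set +f

if (( ${#CEPH_INFO[@]} == 0 )); then
  echo "error: At least one CLUSTER:CLIENT tuple must be specified"
  exit 1
fi

echo "------------------------------------------------"
echo "Initializing virsh secrets for: ${CEPH_INFO[*]}"

for INFO in "${CEPH_INFO[@]}"; do
  IFS=: read -r CLUSTER CLIENT <<< "$INFO"

  # Both halves end up in file paths and in the secret name; reject a tuple
  # with a missing half instead of probing paths like /etc/ceph/.conf.
  if [ -z "$CLUSTER" ] || [ -z "$CLIENT" ]; then
    echo "Error: '${INFO}' is not a valid CLUSTER:CLIENT tuple"
    exit 1
  fi

  CEPH_CONF="/etc/ceph/${CLUSTER}.conf"
  KEYRING="/etc/ceph/${CLUSTER}.client.${CLIENT}.keyring"

  if [ ! -f "$CEPH_CONF" ]; then
    echo "Error: ${CEPH_CONF} was not found"
    echo "Path to nova_libvirt_init_secret was ${CEPH_INFO[*]}"
    exit 1
  fi

  FSID=$(awk '$1 == "fsid" {print $3}' "$CEPH_CONF")
  if [ -z "${FSID}" ]; then
    echo "Error: ${CEPH_CONF} contained an empty fsid definition"
    echo "Check your ceph configuration"
    exit 1
  fi

  echo "--------"
  echo "Initializing the virsh secret for '$CLUSTER' cluster ($FSID) '$CLIENT' client"

  # Ensure the secret XML file exists. Puppet should have created a secret.xml
  # file for the first cluster's secret, so detect when to use that file.
  # -F/-- make grep treat the fsid as a literal string, never as a regex or
  # an option.
  if [ -f /etc/nova/secret.xml ] && grep -qF -- "$FSID" /etc/nova/secret.xml; then
    SECRET_FILE="/etc/nova/secret.xml"
    SECRET_NAME="client.${CLIENT} secret"
  else
    SECRET_FILE="/etc/nova/${CLUSTER}-secret.xml"
    SECRET_NAME="${CLUSTER}.client.${CLIENT} secret"
  fi

  if [ ! -f "$SECRET_FILE" ]; then
    echo "Creating $SECRET_FILE"
    # The XML only carries the secret's name and UUID, not the key itself.
    cat <<EOF > "$SECRET_FILE"
<secret ephemeral='no' private='no'>
<usage type='ceph'>
<name>${SECRET_NAME}</name>
</usage>
<uuid>${FSID}</uuid>
</secret>
EOF
  else
    echo "The $SECRET_FILE file already exists"
  fi

  # Ensure the libvirt secret is defined
  if /usr/bin/virsh secret-list | grep -qF -- "$FSID"; then
    echo "The virsh secret for $FSID has already been defined"
  else
    /usr/bin/virsh secret-define --file "$SECRET_FILE"
  fi

  # Fetch the key from the keyring and ensure the secret is set.
  # A missing or empty key gets the same explicit treatment as a missing
  # fsid: without it the later commands run with an argument missing and
  # fail with an unrelated usage error.
  if [ ! -f "$KEYRING" ]; then
    echo "Error: ${KEYRING} was not found"
    exit 1
  fi
  KEY=$(awk '$1 == "key" {print $3}' "$KEYRING")
  if [ -z "${KEY}" ]; then
    echo "Error: ${KEYRING} contained an empty key definition"
    echo "Check your ceph configuration"
    exit 1
  fi

  # Compare inside the shell rather than via `grep $KEY`, so the key is not
  # placed on another process's command line for this check.
  CURRENT_VALUE=$(/usr/bin/virsh secret-get-value "$FSID" 2>/dev/null) || CURRENT_VALUE=""
  if [[ "$CURRENT_VALUE" == *"$KEY"* ]]; then
    echo "The virsh secret for $FSID has already been set"
  else
    # NOTE(review): the key is passed as an argument and is therefore visible
    # in the process list while virsh runs. Where the installed virsh
    # supports reading the value from a file (--file), prefer that form.
    /usr/bin/virsh secret-set-value --secret "$FSID" --base64 "$KEY"
  fi

  # Do not carry key material into the next iteration.
  unset KEY CURRENT_VALUE
done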